package com.hp.team.bookstore.web.access;

import java.util.Collection;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.SessionAttributes;

import com.hp.team.bookstore.web.IPageUrlConstants;

@Controller
@SessionAttributes(value = "loggedIn")
public class LoginController implements IPageUrlConstants{


	@RequestMapping(value = {"/","/welcome"}, method = RequestMethod.GET)
	public String printWelcome(ModelMap model) {
		
		if(SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString().equalsIgnoreCase("anonymousUser")){
			model.addAttribute("loggedIn", false);
			model.addAttribute("message", "You are not logged in!!");
		} else{
			User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
			Collection<GrantedAuthority> userRoles = user.getAuthorities();
			model.addAttribute("loggedIn", true);
			model.addAttribute("user", user);
			model.addAttribute("userRoles", userRoles);
			model.addAttribute("message", "You are now logged in!!!");
		}
		return PAGE_WELCOME;
	}

	@RequestMapping(value = "/admin", method = RequestMethod.GET)
	public String navigateToAdminPage(ModelMap model) {

		User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
		String name = user.getUsername();
		if (user.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_ADMIN"))) {
			model.addAttribute("adminMessage", "Welcome to admin page!!");
		}
		model.addAttribute("username", name);
		model.addAttribute("message", "Spring Security login + database example");
		return "access/admin/admin";

	}

	@RequestMapping(value = "/user", method = RequestMethod.GET)
	public String navigateToUserPage(ModelMap model) {

		User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
		String name = user.getUsername();
		if (user.getAuthorities().contains(new GrantedAuthorityImpl("ROLE_USER"))) {
			model.addAttribute("userMessage", "Welcome to user page!!");
		}
		model.addAttribute("username", name);
		model.addAttribute("message", "Spring Security login + database example");
		return "access/user/user";
	}

	@RequestMapping(value = "/login", method = RequestMethod.GET)
	public String login(ModelMap model) {
		return PAGE_LOGIN;
	}

	@RequestMapping(value = "/loginfailed", method = RequestMethod.GET)
	public String loginerror(ModelMap model) {
		model.addAttribute("error", "true");
		return PAGE_LOGIN;
	}

	@RequestMapping(value = "/logout", method = RequestMethod.GET)
	public String logout(ModelMap model) {
		return PAGE_WELCOME;
	}

	@RequestMapping(value = PAGE_FORBIDDEN, method = RequestMethod.GET)
	public String accessDenied(ModelMap model) {
		model.addAttribute("error", "true");
		return PAGE_FORBIDDEN;
	}

//	@RequestMapping(value = "/unauthorized", method = RequestMethod.GET)
//	public String navigateUnAuthorizedPage(ModelMap model) {
//		return PAGE_UNAUTHORIZED;
//	}
}